Antivirus Market Share Report

Hi all,

Apologies in advance if this is not the correct forum or Wilders-appropriate subject.

I wanted to let those of you who might be interested know that we will be releasing a report based on our market share data for antivirus applications. Typically, these reports are based on vendor revenue vs their competition, however, because of what OPSWAT does we have reports on the actual antivirus applications installed on hundreds of thousands of endpoints.

The report will be out for general release on 7/7/10, however, if any bloggers or reporters are perusing this post, we would be happy to make it available prior to that for a write up.

Data was collected from opted-in users of AppRemover (users are free to unclick the "report data" button), our free uninstallation utility that some of you may be familiar with as well as the Am I OESIS OK? tool: our diagnostic utility that is typically used by customers of our customers (tech companies like Cisco, Juniper, F5 and more) for diagnosing and troubleshooting support issues. Its main function is to provide a relevant snapshot of the applications installed on a system.

We have prepared an excerpted advance copy of the report (viewable here: http://www.opswat.com/media/av_usage_vendorfree.pdf) which removes specific product and vendor data, but gives an idea of the kind of information we have available.

I'll post the full document after 7/7 if anyone is interested.

 

Hello all,

We've now made the full report antivirus market share available. Feel free to head over to our OESIS OK site to see...

http://www.oesisok.com/news-resources/reports/worldwide-antivirus-market-share-report%202010

 

I thought Symantec was supposed to control the market?

 

They likely do, in terms of actual revenue vs. the market as a whole. But that's not the whole story...

 

To address a question that was brought up in the other thread...

50 million is the estimated number of endpoints that contain the OESIS Framework. This number is arrived at based around data from customers which use the framework (Cisco, Juniper, etc).

Tens of thousands (around 23,000 to be exact) is the number of reports that were analyzed to produce this document.

 

Maybe the percentage with software from big company's like McAfee and Symantec is higher in reality as they come preinstalled on a lot of consumer pc's and the typical computer illiterate will leave it installed while more advanced users will probably uninstall it. The percentage if illiterates among users whose data was collected for this report will probably be lots lower than the percentage of illiterates among all computer users worldwide.

 

All the market share analysis shows is the users prefer not to pay for their protection if they can get a good product free:-avast and avira offer this and are thus the two products with the largest share,I hope this report didn't cost a lot to produce because its just reproducing something that is pretty obvious,like Symantec and McAfee having biggest share of paid for products:-due to so many PC manufacture res including trials of their products
The only thing I find a surprise is that Symantec actually has a bigger market share than AVG and Microsoft considering they are free solutions on the whole,hands up those who do pay for the "paid for version" of any of the free solutions

 

Since this market share analysis is based upon “volunteers” that “employ the OESIS Framework,” there exists the implicit assumption that these volunteers are representative of the population of all antivirus users. If the assumption is not true, then the market share analysis is seriously flawed.

OPSWAT, two questions:

1. What evidence exists to suggest that these volunteers constitute a good sample of all users of antivirus products?
2. For the “Antivirus Deployments by Product” pie chart, what is the denominator (N) of all reported percentages?

Thank you.

 

The chance of this volunteer group being representative of the market is pretty slim because I find the more security minded a user is the less likely they are going to share info from their PCs with anybody or any company/group,I find awareness of what threats exist creates a form of paranoia which causes a distrust of any group conducting research!

 

This report is ... let's call it "strange". IMO it does not represent the real-world but only a single "community" .
The product chart - it kind of claims that worldwide there are more paid avast! users than paid Norton users . That is ridiculos. There can be more free avast users but not paid than (any other vendor) . There is some inaccuracy ... for example

However , the chart shows 5 Symantec products - all the above + Norton 360.

 

I suspect that you are correct -- but, it would be helpful to hear more about the characteristics of the “volunteer group” (i.e., the sample from which data were collected) from OPSWAT.

For example, are these “volunteers” the “opted-in users of AppRemover” (see post #1)? If so, then maybe the interpretation of the “market share” analysis is really less about which security applications users are purchasing/installing and is more indicative of which security applications users are uninstalling?

 

1. Data was gleaned from a variety of diagnostic utilities, with different purposes and audiences. The fact that the data correlated strongly, despite these different sources suggested to us that we had accurate data. It was not merely AppRemover, but also our Am I OESIS OK utility. (and OESISDiagnose).

2. Do you mean what was the total number of detected products?

 

Unfortunately, from a strict statistics perspective, a strong correlation does not suggest that the data are representative of the population of all antivirus users; but does suggest that users of AppRemover are similar to users of Am I OESIS OK in terms of the distribution of the prevalence of the antivirus products. In other words, it is unwise to confuse internal consistency with representativeness, which are two very distinct issues.

Again, the question remains: Why would one assume that users of AppRemover and of Am I OESIS OK are representative of the population of all antivirus users? In the parlance of the discipline of marketing research, this “market share” analysis was conducted using a “convenience sample,” not a random sample of the market of all users. This is not an “academic” or a minor point -- using a convenience sample severely restricts the interpretation and usability of the findings.

What percent of the data were gathered through AppRemover, through Am I OESIS OK, and through each of the other diagnostic utilities?

In addition, OPSWAT, over what time period were the data gathered for this analysis (i.e., the start and end dates)?

For example, for the “Antivirus Deployments by Product” pie chart, Norton Internet Security is reported as “1.94%” which was computed as the ratio of “X” to “Y” (i.e., 1.94% = X/Y*100). What was the value of “Y” used in the computation of all the percentages in the chart? Was it “23,000” (see post #5)?

Thank you for these clarifications.

 

I concede you may be correct in this finding. It is indeed an “assumption” that the data is truly representative. What we have presented is a potentially illuminating snapshot based on data with a unique source. The caveat, is that the data comes from actual end-users that employ the toolkit from which the data is collected.

Data was collected for a month and a half from 3/1/10 through 4/15/10.

We focused on 170 different products ouf of many more that were actually detected. This combines versions of a product together. So AVG 8.5 and 9 are grouped. So, Norton Internet Security is 1/170
NIS is indeed 1.94% of the 23,000.

 

OPSWAT

PC Tools is classified as a 'US-based vendor'. Is this now true or just an understandable assumption?

They may well be US-market-focused but I thought they were still an Australian company, registered in Ireland mainly for tax minimization.

 

Yeah I misread the link that IBK posted in the other thread.

 

OPSWAT, thank you for your intellectual honesty.

I respectfully recommend that you consider inserting a cautionary note in the PDF of the report indicating that interpretation of the findings as market share insights may be problematical. You may also wish to edit the title of the report from “Windows Antivirus - Worldwide Market Share Analysis” to “Windows Antivirus - Worldwide Usage Analysis.”

I do agree that the report presents “a potentially illuminating snapshot based on data with a unique source,” but unless that “unique source” is reflective of “the market” in its entirety, the findings cannot be properly viewed as market share or used to support general conclusions about antivirus vendors or their products.

 

My CEO requested my input on this interesting report from OPSWAT. Much of my response was along the lines of what Pleonasm stated.

I would be interested to know if OPSWAT could cross-tab the AV usage with 'market' (i.e., US, Europe, Pacific Rim, South Asia, etc.). I've long suspected there are significant differences between US and Europeans.

Also, I'm curious about the distinction between consumer and enterprise/SMB machines.

I recommend conducting this annually. As I told my CEO, if we were to assume that Symantec and McAfee had been considerably more dominant three years ago, then that would make for some interesting inferences and even more interesting speculation as to cause-effect. In other words, increasing fragmentation might suggest increasing dissatisfaction and increasing openness to trying 'other' vendor solutions. But then, that speculation, based on that assumption, would only apply to that sample population, which would be characterized as what?

Thanks OPSWAT. Interesting stuff.

Cheers,

Eirik

 

It may be unwise to infer customer dissatisfaction from enhanced competition and therefore increased marketplace fragmentation. A better indication of dissatisfaction may be the absolute (not relative) sales growth of a company’s product. The best way to assess satisfaction, of course, is to conduct customer satisfaction research using, for example, the Net Promoter Score.

Yes, a precise definition of the sample used in this research would be helpful.

 

Share doesn't matter except to vendors. The 2 biggies in NA are Norton and McAfee and they make deals with Dell, HP etc to deliver with new sales.

This does NOT mean they are the most effective products.

For effectiveness measures look elsewhere.

 

Irrelevant post edited.

 

It may point not be welcome and that's too bad, but the point is that share % is NOT the way to find effective AV's.

How do you suggest users find the effective AV's?

Should they assume that since it came bundled with the PC it must be "best"?

 

Please note that this thread is about “market share” -- not about anti-malware effectiveness. While it is true that the former doesn’t guarantee the latter, there is an argument to be made that the largest vendors will grow in dominance while the smaller will diminish, due to the substantial capital, human and intellectual resources now required to research, develop and deploy innovative anti-malware strategies and tactics.

As a result, in my opinion, we’ll see a continued coalescing of the anti-malware marketplace into a few key vendors in the near future, coupled with a scattering of minor niche competitors. Thus, I believe that market share is critical, because it provides the depth of resources needed for a company to create highly effective anti-malware solutions and thereby propel further sales.

 

I apologise for jumping the gun. I misread/misunderstood your post.

After re-reading it, I have to agree.

 

Hi:

Yes I see your point. Without the resources bugs will not get fixed or improvements made.

So given this what if we take a 4 step method to select AV?

1) id the top 5 to 10 by market share
2) use those to id the top 5 effectiveness wise
3) Reduce to those compatible on your setup
4) Test/Trial each in turn and go with one user is comfortable with